Based on the default config's presets, Renovate will:
Start dependency updates only once this onboarding PR is merged
Show all Merge Confidence badges for pull requests.
Enable Renovate Dependency Dashboard creation.
Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
Ignore node_modules, bower_components, vendor and various test/tests directories.
Group known monorepo packages together.
Use curated list of recommended non-monorepo package groupings.
Apply crowd-sourced package replacement rules.
Apply crowd-sourced workarounds for known problems with packages.
🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.
What to Expect
With your current configuration, Renovate will create 16 Pull Requests:
chore(deps): update actions/checkout digest to 93ea575
- Schedule: ["at any time"]
- Branch name: `renovate/actions-checkout-digest`
- Merge into: `main`
- Upgrade [actions/checkout](https://togithub.com/actions/checkout) to `93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8`
chore(deps): update facebook/pyre-action digest to 6dc86fc
- Schedule: ["at any time"]
- Branch name: `renovate/facebook-pyre-action-digest`
- Merge into: `main`
- Upgrade facebook/pyre-action to `6dc86fc8f40e0f15cdd8a59d9f93294cf72a0863`
chore(deps): update facebook/pysa-action digest to 15c7aea
- Schedule: ["at any time"]
- Branch name: `renovate/facebook-pysa-action-digest`
- Merge into: `main`
- Upgrade facebook/pysa-action to `15c7aea01cff64049bafe04fac871bd2cb50df56`
chore(deps): update github/codeql-action digest to 8075783
- Schedule: ["at any time"]
- Branch name: `renovate/github-codeql-action-digest`
- Merge into: `main`
- Upgrade [github/codeql-action](https://togithub.com/github/codeql-action) to `807578363a7869ca324a79039e6db9c843e0e100`
chore(deps): update snyk/actions digest to 8349f90
- Schedule: ["at any time"]
- Branch name: `renovate/snyk-actions-digest`
- Merge into: `main`
- Upgrade snyk/actions to `8349f9043a8b7f0f3ee8885bf28f0b388d2446e8`
chore(deps): update actions/checkout action to v3.6.0
- Schedule: ["at any time"]
- Branch name: `renovate/actions-checkout-3.x`
- Merge into: `main`
- Upgrade [actions/checkout](https://togithub.com/actions/checkout) to `f43a0e5ff2bd294095638e18286ca9a3d1956744`
chore(deps): update github/codeql-action action to v2.24.9
- Schedule: ["at any time"]
- Branch name: `renovate/github-codeql-action-2.x`
- Merge into: `main`
- Upgrade [github/codeql-action](https://togithub.com/github/codeql-action) to `a82bad71823183e5b120ab52d521460ecb0585fe`
chore(deps): update slsa-framework/slsa-github-generator action to v1.10.0
- Schedule: ["at any time"]
- Branch name: `renovate/slsa-framework-slsa-github-generator-1.x`
- Merge into: `main`
- Upgrade [slsa-framework/slsa-github-generator](https://togithub.com/slsa-framework/slsa-github-generator) to `v1.10.0`
chore(deps): update actions/checkout action to v4
- Schedule: ["at any time"]
- Branch name: `renovate/actions-checkout-4.x`
- Merge into: `main`
- Upgrade [actions/checkout](https://togithub.com/actions/checkout) to `v4`
- Upgrade [actions/checkout](https://togithub.com/actions/checkout) to `b4ffde65f46336ab88eb53be808477a3936bae11`
chore(deps): update actions/labeler action to v5
- Schedule: ["at any time"]
- Branch name: `renovate/actions-labeler-5.x`
- Merge into: `main`
- Upgrade [actions/labeler](https://togithub.com/actions/labeler) to `v5`
chore(deps): update actions/setup-python action to v5
- Schedule: ["at any time"]
- Branch name: `renovate/actions-setup-python-5.x`
- Merge into: `main`
- Upgrade [actions/setup-python](https://togithub.com/actions/setup-python) to `v5`
chore(deps): update actions/stale action to v9
- Schedule: ["at any time"]
- Branch name: `renovate/actions-stale-9.x`
- Merge into: `main`
- Upgrade [actions/stale](https://togithub.com/actions/stale) to `v9`
chore(deps): update dependabot/fetch-metadata action to v2
- Schedule: ["at any time"]
- Branch name: `renovate/dependabot-fetch-metadata-2.x`
- Merge into: `main`
- Upgrade [dependabot/fetch-metadata](https://togithub.com/dependabot/fetch-metadata) to `v2`
chore(deps): update dependency ubuntu to v22
- Schedule: ["at any time"]
- Branch name: `renovate/ubuntu-22.x`
- Merge into: `main`
- Upgrade [ubuntu](https://togithub.com/actions/runner-images) to `22.04`
chore(deps): update github/codeql-action action to v3
- Schedule: ["at any time"]
- Branch name: `renovate/github-codeql-action-3.x`
- Merge into: `main`
- Upgrade [github/codeql-action](https://togithub.com/github/codeql-action) to `v3`
- Upgrade [github/codeql-action](https://togithub.com/github/codeql-action) to `1b1aada464948af03b950897e5eb522f92603cc2`
chore(deps): update release-drafter/release-drafter action to v6
- Schedule: ["at any time"]
- Branch name: `renovate/release-drafter-release-drafter-6.x`
- Merge into: `main`
- Upgrade [release-drafter/release-drafter](https://togithub.com/release-drafter/release-drafter) to `v6`
🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.
❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.
This PR has been generated by Mend Renovate. View repository job log here.
Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.
🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.
Detected Package Files
.github/workflows/bandit.yml
(github-actions).github/workflows/dependabot-auto-approve.yml
(github-actions).github/workflows/dependabot-auto-label.yml
(github-actions).github/workflows/dependbot-fetch-metadata.yml
(github-actions).github/workflows/dependency-review.yml
(github-actions).github/workflows/devskim.yml
(github-actions).github/workflows/docs-build.yml
(github-actions).github/workflows/generator-generic-ossf-slsa3-publish.yml
(github-actions).github/workflows/label.yml
(github-actions).github/workflows/manual.yml
(github-actions).github/workflows/ossar.yml
(github-actions).github/workflows/pyre.yml
(github-actions).github/workflows/pysa.yml
(github-actions).github/workflows/python-package.yml
(github-actions).github/workflows/python-publish.yml
(github-actions).github/workflows/release-drafter.yml
(github-actions).github/workflows/scorecard.yml
(github-actions).github/workflows/snyk-security.yml
(github-actions).github/workflows/stale.yml
(github-actions)requirements.txt
(pip_requirements)Configuration Summary
Based on the default config's presets, Renovate will:
fix
for dependencies andchore
for all others if semantic commits are in use.node_modules
,bower_components
,vendor
and various test/tests directories.🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to
renovate.json
in this branch. Renovate will update the Pull Request description the next time it runs.What to Expect
With your current configuration, Renovate will create 16 Pull Requests:
chore(deps): update actions/checkout digest to 93ea575
- Schedule: ["at any time"] - Branch name: `renovate/actions-checkout-digest` - Merge into: `main` - Upgrade [actions/checkout](https://togithub.com/actions/checkout) to `93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8`chore(deps): update facebook/pyre-action digest to 6dc86fc
- Schedule: ["at any time"] - Branch name: `renovate/facebook-pyre-action-digest` - Merge into: `main` - Upgrade facebook/pyre-action to `6dc86fc8f40e0f15cdd8a59d9f93294cf72a0863`chore(deps): update facebook/pysa-action digest to 15c7aea
- Schedule: ["at any time"] - Branch name: `renovate/facebook-pysa-action-digest` - Merge into: `main` - Upgrade facebook/pysa-action to `15c7aea01cff64049bafe04fac871bd2cb50df56`chore(deps): update github/codeql-action digest to 8075783
- Schedule: ["at any time"] - Branch name: `renovate/github-codeql-action-digest` - Merge into: `main` - Upgrade [github/codeql-action](https://togithub.com/github/codeql-action) to `807578363a7869ca324a79039e6db9c843e0e100`chore(deps): update snyk/actions digest to 8349f90
- Schedule: ["at any time"] - Branch name: `renovate/snyk-actions-digest` - Merge into: `main` - Upgrade snyk/actions to `8349f9043a8b7f0f3ee8885bf28f0b388d2446e8`chore(deps): update actions/checkout action to v3.6.0
- Schedule: ["at any time"] - Branch name: `renovate/actions-checkout-3.x` - Merge into: `main` - Upgrade [actions/checkout](https://togithub.com/actions/checkout) to `f43a0e5ff2bd294095638e18286ca9a3d1956744`chore(deps): update github/codeql-action action to v2.24.9
- Schedule: ["at any time"] - Branch name: `renovate/github-codeql-action-2.x` - Merge into: `main` - Upgrade [github/codeql-action](https://togithub.com/github/codeql-action) to `a82bad71823183e5b120ab52d521460ecb0585fe`chore(deps): update slsa-framework/slsa-github-generator action to v1.10.0
- Schedule: ["at any time"] - Branch name: `renovate/slsa-framework-slsa-github-generator-1.x` - Merge into: `main` - Upgrade [slsa-framework/slsa-github-generator](https://togithub.com/slsa-framework/slsa-github-generator) to `v1.10.0`chore(deps): update actions/checkout action to v4
- Schedule: ["at any time"] - Branch name: `renovate/actions-checkout-4.x` - Merge into: `main` - Upgrade [actions/checkout](https://togithub.com/actions/checkout) to `v4` - Upgrade [actions/checkout](https://togithub.com/actions/checkout) to `b4ffde65f46336ab88eb53be808477a3936bae11`chore(deps): update actions/labeler action to v5
- Schedule: ["at any time"] - Branch name: `renovate/actions-labeler-5.x` - Merge into: `main` - Upgrade [actions/labeler](https://togithub.com/actions/labeler) to `v5`chore(deps): update actions/setup-python action to v5
- Schedule: ["at any time"] - Branch name: `renovate/actions-setup-python-5.x` - Merge into: `main` - Upgrade [actions/setup-python](https://togithub.com/actions/setup-python) to `v5`chore(deps): update actions/stale action to v9
- Schedule: ["at any time"] - Branch name: `renovate/actions-stale-9.x` - Merge into: `main` - Upgrade [actions/stale](https://togithub.com/actions/stale) to `v9`chore(deps): update dependabot/fetch-metadata action to v2
- Schedule: ["at any time"] - Branch name: `renovate/dependabot-fetch-metadata-2.x` - Merge into: `main` - Upgrade [dependabot/fetch-metadata](https://togithub.com/dependabot/fetch-metadata) to `v2`chore(deps): update dependency ubuntu to v22
- Schedule: ["at any time"] - Branch name: `renovate/ubuntu-22.x` - Merge into: `main` - Upgrade [ubuntu](https://togithub.com/actions/runner-images) to `22.04`chore(deps): update github/codeql-action action to v3
- Schedule: ["at any time"] - Branch name: `renovate/github-codeql-action-3.x` - Merge into: `main` - Upgrade [github/codeql-action](https://togithub.com/github/codeql-action) to `v3` - Upgrade [github/codeql-action](https://togithub.com/github/codeql-action) to `1b1aada464948af03b950897e5eb522f92603cc2`chore(deps): update release-drafter/release-drafter action to v6
- Schedule: ["at any time"] - Branch name: `renovate/release-drafter-release-drafter-6.x` - Merge into: `main` - Upgrade [release-drafter/release-drafter](https://togithub.com/release-drafter/release-drafter) to `v6`🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for
prhourlylimit
for details.❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section. If you need any further assistance then you can also request help here.
This PR has been generated by Mend Renovate. View repository job log here.